Trojan.Win32.Generic!BT




C: 










1 /I 79 
14 /o 






9 /on/im 3 

£5/ Zo/ ZU13 


Darkleech 






hurstdog.org 




1 73 7fl1 7C 733 
l/3.ZUl.ZO.Z3o 


1 73 701 7fi 733 
1/3.ZU1.ZD.Z33 


1 /I 7Q 

14/y 






£1/ Zo/ ZU13 


Malware Binary 






secure.oi-installer2.com 




imp.oi-impl.com 




1472 






8/26/2013 


Darkleech 






eslteachersboard.com 


74.54.45.98 


129.121.221.249 


17Q171 771 7/1QIK/MM 

1zy.1z1.zz1.z4y Uj/I\IVI 
Oso Grande 


1471 






8/26/2013 


Darkleech 






marinacityonline.com 




66.197.196.149 


66.197.196.149 US/PA 


1 A CQ 

i4oy 






9 /77 y>m 3 

£5/ ZZ/ ZU13 


Trojan.JS.Blacole.ai




r. 










1470 






8/21/2013 


Darkleech 






trucksafety.org 




nathanmccreary.com 


50.28.69.215 


1475 






8/16/2013 


Redirect Blackhole 






envirocleanequip.com 




bmw5.singsnetingsfulls.net 


69.10.54.151 US/NJ 


1477 






8/16/2013 


Redirect 






datingfactory.com 




koloss.officedqokd.com 




1473 






8/16/2013 


Redirect Blackhole 






lakecushman.com 




82.200.204.155 


82.200.204.155 Kazakstan 


1462 






8/16/2013 


Exploit Toolkit TDS 






communitywalk.com 




sedertaht.com 


91.224.161.9 Netherlands 


1 /ICQ 
140o 






9 /1 Q/7m 3 

£5/ 13/ ZU13 


Trojan.JS.Obfuscator.aa




r. 










1 /I Gfi 
14DD 






9 /1 c /im 3 

£5/ 13/ ZU13 


Exploit Malware.JS.Generic




r. 
















9 /1 Q/7H1 3 
£5/ ID/ ZU13 


Trojan INF.Autorun 




p. 
r. 










1467 






8/15/2013 


Exploit Malware.JS.Generic




C: 










"\ ACA 
14D4 






9/1/1 /">m 3 

£5/ 14/ ZU13 


tXpiOlt IOOIKII \ Uj 






wpcnet.org 




engseo.net 


1 Qfl Q3 1AA 70 Tz-ic+ra Qir^i 
iyU.y3.Z44.ZU L.05I3 KICa 


1 /I G3 






9/1/1 /">m 3 

£5/ 14/ ZU13 


tXpiOH IOOIKII \ Uj 






wpcnet.org 




engseo.net 


1/11 ini 11c 7n 1 1 v 

141. 1U1.11D.ZU Ur\ 


1474 






8/11/2013 


Redirect Blackhole 






lakecushman.com 




82.200.204.155 


82.200.204.155 Kazakstan 


14DU 






£5/y/ ZU13 


Malware.JS.Generic (JS)




r. 










1 /I Q9 






9/Q /7H1 3 

c3/y/ zui3 


Trojan Kryptik 




Yahoo 


girldateinstantly.into 


yz.ii^.oz.ziu Romania 






1459 






8/9/2013 


Trojan.Win32.Generic!BT




F: 










1452 






Of Of ZU1 3 


Browser Exploit 






bartelldrugs.com




welchomeimmobiliare.it


77 Q3. 7^1 7R ltal\/ 
/ /.yj.ZDl.Zo ILdly 


1 A C1 
14D1 






Q IQ /7m 3 
Of Of ZU13 


neur.n i iviL.iviaiirrame [vj 














1451 






8/7/2013 


Zero Access Trojan 






zotjavadlgatmlpgaamsobzgsx.co 




ymoopbbmennzcjotppfkdrqxus.c 




1457 






8/5/2013 


Trojan.Win32.Generic!BT




C: 










1455 






8/1/2013 


Sinkhole Georgia Tech 






bimmerforums.co.uk 




pingthisurl-uptime.com 


166.78.158.73 US/TX 
georgia tech 



1454 






8/1/2013 


Sinkhole Georgia Tech 






bimmerforums.co.uk 




pingthisurl-uptime.com 


1 fifi 78 1 ^0 73 I K /TV 
1DD./O.1D0./3 UD/IA 

georgia tech 


1453 






8/1/2013 


Sinkhole Georgia Tech 






bimmerforums.co.uk 




pingthisurl-uptime.com 


1 Cfi 7S 1 73 I IC /TV 
1Dd./o.1jO./3 Uj/ Ia 

georgia tech 


1450 






7/31/2013 


Trojan.Win32.Meredrop several trojans




1: 










1 /l/lfi 
144D 






7 /3n/im 3 

// 3U/ ZU13 


Darkleech 






ayalalandpremier.com 




kellybutterbaugh.com 


71C 11Q 170IK/IIT 
Z1D. liy .1DO. 1ZU Uj/U I 


1448 






7/29/2013 


Trojan.Win32.Generic!BT several trojans




F: 










1 AAA 
1444 






7 /7Q/im 3 

// zy/ zui3 


Darkleech 






orcabiz.com 




sleepyhead.judyboy.com 


7H/1 Q3 1 QQ I IC/II 
ZU4.y3.iyo.DD UD/IL 


1 AAQ 
144y 






7 /7Q/im 3 

// zy/ zui3 


Trojan.Win32.Generic!BT




l\. 










1 A A C 
144D 






7 /17/7H1 3 
// Z // ZU13 


Darkleech 






320ranch.com 




barbaramurak.com 


7H/1 Q3 1 QQ fit; I K/ll 
ZU4.y3.iyo.DD UD/IL 


1 AA~J 
144 1 






7 /ic/im 3 

// ZD/ ZU13 


Malware.JS.Generic (JS)














1/1/13 
1443 






7 /1/1 /im 3 
// Z4/ ZU13 


Darkleech 






ciberbullying.com 




reports.stirlingassynt.com 


7/I 1 fi/l 1 70 I Ik' 
/4.0D.1D4. 1ZU Ul\ 


1442 






7/23/2013 


Trojan.Win32.Generic!BT




F: 










1441 






7/77/701 3 
/ / ZZ/ ZU13 


Trojan.Win32.Ramnit.c (v)




p. 










1 A 3Q 






7 /1 Q/701 3 
// 13/ ZU13 


LooksLike.J N LP. Exploit Loader. a (v) 














1440 






7/19/2013 


BehavesLike.Win32.Malware.eah (mx-v)




F: 










1 /I 13 






7 /1 Q/im 3 
// lo/ ZU13 


Redirect 






kamranagayev.com 




Q/i in 3n qq 
y4.zu.3u.oy 


Q/l 7H 3fl QQ AvarK^ii^an 

y4.zu.3u.oy Mzeruaijan 


1434 






7/18/2013 


Darkleech 






yournextseven.com 




thurmastonurbanextension.co.uk 


78.129.250.40 UK 


1 /I Cfi 






7/17 /701 3 
/ / 1 // ZU13 


Trojan.Win32.Reveton.a














1426 






7/17/2013 


Browser Exploit 






brotherhoodinstructors.com 




911adnetwork.com 


69.55.48.179 US/NY 


1/11/1 
14Z4 






7/17 /701 3 
// 1 // ZU13 


Darkleech 






costcotr3V6l.com 




beautitul-places.com 




1 /1 17 
14Z / 






7 /1 C/701 3 
//ID/ ZU13 


Darkleech 






waterwayscruises.com 




marcusjwilson.net 


Q3 713 1 n/l CTQ I Ik' 
o3. ZZ3. 1U4.DD Ul\ 


1 /I IQ 
14ZO 






7 /1 c/im 3 

// ID/ ZU13 


Darkleech 






grandlifehotels.com 




yorkshireweddinghair.co.uk 


7Q 1 iq ic;n /in 1 ik' 

/O.lZy .ZDU.4U Ul\ 


1 /I ic 
14ZD 






7 /1 C/701 3 
//ID/ ZU13 


rteciKll r r 






kassowal.com 


C3 3Q 1 I IC/A7 
DU.D3.3y.l U3/MZ 


mapanastrone.net 


Q7 QQ 73Q 17 D/-il ■anrl 

o/.yo.z3y.i/ roianu 


1 /I IQ 

i4zy 






7 /1 c/im 3 

//ID/ ZU13 


Malware Binary 






do rows kilo backs, biz 


C/l 31 7 Q 1 ~m. 1 1 C /fZ A 
D4. 31. ZD. 1/D U3/UM 


indirs-vostok.ws 


C/l 7n 1Q 1 QQ I K/rA 

D4./u.iy.iyo uj/lh 


1 /I 3Q 

1430 






7 /1 C /701 3 
//ID/ ZU13 


Trojan.Win32.Generic!BT














1 /I 

143D 






7 /1 c/7m 3 

// ID/ ZU13 


Trojan.Win32.Generic!BT




r. 










1430 






//lD/ZUl3 


Malware Binary 






geekologie.com 


b/.zzo.lo.lo Ud/LA 


journalismart.com 




1 /I 37 






7 /1 c/7m 3 

//ID/ ZU13 


Trojan.Win32.Generic!BT




r. 










1431 






7/17 /7m 3 
/ / 1Z/ ZU13 


Darkleech 






aveceric.com 




QC 1C1/1 ICC 1 Q3 
yD.lD4.ZDD.iy3 


QQ IC/l ICC 1 no I ii/ 
yD.lD4.ZDD.iy3 Ul\ 


1/131 
143Z 






7/17 /701 3 
/ / 1Z/ ZU13 


Darkleech 






ebang.com 




bloggeruk.com 


QC 1 C/l ICC 1 31 1 Ik" 
yD.lD4.ZDD.13Z UN 


1/133 






7/11 /7m 3 
//ll/ ZU13 


Darkleech 






maxonfx.com 




admin.glamshop.me


7Q 1 iq icn /in 1 ik' 

/O.lZy .ZDU.4U Ul\ 


1 /i 3C 

143D 






7/11 /701 3 
/ / 11/ ZU13 


Trojan.Win32.Generic!BT




p. 
r. 










1 A 1 Q 
14iy 






7 /1 n/im 3 

// 1U/ ZU13 


Trojan.Win32.VBInject.gen (v)




p. 
r. 










1 a 1 n 

141U 






7 /1 n/7m 3 

// 1U/ ZU13 


Darkleech 






blog.yoh.com 




blog.arcadeattiliate.com 


inQ 1 nn 3Q 13c i ic/ii 

ZUo.1UU.3o.Z3D UD/IL 


1/111 
141Z 






7/Q /701 3 

//y/ zui3 


Trojan Generic 






domainscjuiklysclass.biz 


173 n qr ioc i |c/^>ln 

1/3.U.DD.13D UD/IVIU 


lakegorham.org 


inc 1 qc 1 Q3 cn 

ZUD.loD.lo3.DU 


141D 






7/Q /701 3 

//y/ zui3 


Darkleech 






thefinishedbox.com 




dodapt.com 


ca qi ina 1/11 i K//~n 
D4.yz.zuy.z4i uj/lu 


1417 






7/9/2013 


Darkleech 






seattle.medfinds.com 




64.92.209.242 


64.92.209.242 US/CO 


1413 






7/9/2013 


Trojan Generic 






lakegorham.org




pricesrichertube.net 


i73n c ; c ;i3fii ic:/Mn 

1/3.U.JJ.13D UD/IVIU 


1/111 

1411 






7/Q /701 3 

//y/ zui3 


Trojan Generic 






visualillusionist.com 




pricesrichertube.net 


1 73 n CC 1 3fi I K /K/in 
1/3. U.DD.13D UD/IVIU 


1420 






7/9/2013 


BehavesLike.Win32.Malware.eah (mx-v)




G: 










1 /1 1 c 
141D 






7/Q /701 3 

//y/ zui3 


Darkleech 






oralcancerfoundation.org 




vitalclip.com 


ca qi ina 1/11 i K//~n 
D4.yz.zuy.z4i uj/lu 


1 /1 1 Q 
1416 






7/Q /701 3 

//y/ zui3 


Darkleech 




jamespatterson.com 




embellishments.com 


C/i qi ina 1/11 i ic/rn 
D4.yz.zuy.z4i uj/lu 


1/11/1 
1414 






7 /Q /701 3 
/ fo/ ZU13 


Redirects 




Yahoo 


sessionspark.net 


7/1 7flQ 73 QS 1 K/ll cnh Prrx/nt 
/4.ZUD./3.y£> UD/IL5UD tgypi 


decvem.descriptured.com 


QC 1 C3 CI 1/13 Ruccia 
yD.lD3.DZ.Z43 KUSSia 


1 /ina 
i4uy 






7/Q /7m 3 
//D/ ZU13 


Zero Access Trojan 














1408 






7/5/2013 


Zero Access Trojan 














1421 






7/5/2013 


Trojan.Win32.Generic!BT




F: 










1/171 
14ZZ 






7//1 /701 3 
//4/ ZU13 


neur.n i iviL.iviaiirrame ^vj 




C: 










1404 






7/3/2013 


Browser Exploit 






advhyp.com 


185.27.36.68 Iceland 


mondinion.com 


108.168.206.40 US/TX sub to Romania


1407 






union 


Zero Access Trojan 














1406 






union 


Browser Exploit 






philstar.com 


13fl 13 IK/A7cnk+n 
DD.OD.13U.13 UD/HZ. SUD LO 

Philippines


pm.piksmedia.com 


205.185.158.220 US/MN 


1405 






nmon 


Browser Exploit 






live-cricket.hindustantimes.com 


23.59.191.75 Akamai 


pm.piksmedia.com 


205.185.158.220 US/MN 


1403 






union 


Darkleech 






scantool.net 




killervampires.com 


1 7/1 13 3 7 C 1 IC") I IC /TV 
1 /4. 133.ZD1. 1DZ Uj/ IA 

sub to Australia 


1376 






6/28/2013 


Redirect Pharma Spam 






addraswas.com 


193.107.239.193 Russia 


levitrarxtax.com 


217.115.113.116 Ireland 








C /77 /im 3 
O/Z // ZU13 


Trojan.Win32.Generic!BT




C: 










1378 






6/27/2013 


Rogue AV, Zbot, Kelihos 






new-atlanticmedia.com 


66.7.216.77 US/FL 


iruzin.es 


87.106.195.63 Germany 


1377 






6/27/2013 


Rogue AV, Zbot, Kelihos 






segway.com 




babakjahanbakhsh.ir 


209.236.117.136 US/TX 


1379 






6/27/2013 


Browser Exploit 






dinarvets.com 


66.55.93.178 US/IL 


pgrmar.com 


208.74.144.58 US/NJ 



1 3Q7 
IDoZ 






fi/7G/7m 3 
D/ ZD/ ZUlD 


Darkleech






therundown.tv 




aaes.japada.com.au 


77 10 ICC qo 1 K/Ml 
/Z.lO.lDD.yo UD/IVII 


1380 






6/26/2013 


Darkleech 






aveceric.com 




laaaadulthosting.speediahost.com


5.9.59.67 Germany 


1381 






6/26/2013 


Darkleech 






freedieting.com 




64.40.123.234 


64.40.123.234 Canada 


1 Af\~) 






fi/7 C /701 3 
D/ ZD/ ZUlD 


Win32.Autorun.gen (v)




r. 










1 3Q/1 






C/7 R/7m 3 
D/ ZD/ ZUlD 


Darkleech 






unsoiv6u.com 




C/l /in 173 737 
D'I.^HJ.IZD.Zd / 


CA /in 173 737 r^in^rla 

d^.m-u. izd. zd / L.anaaa 


1385 






6/25/2013 


Darkleech 






cloudapp4u.com 




rockymountainnostalgiafunnycars.com


64.40.123.42 Canada 


1 3Q3 






fi/7 C /701 3 
D/ ZD/ ZUlD 


Darkleech 






compactpowercenter.com 




77 18 1 cc 1 n7 
/Z.lcS.lDD.lUZ 


77 10 1 CC 1 A7 I |C /M I 
/ Z.lO.lDD. 1UZ UD/IVII 


1 3Qn 






C/7/1 /7m 3 
D/ Z4/ ZUlD 


Zero Access Trojan 














1401 






6/24/2013 


BehavesLike.Win32.Malware.eah (mx-v)




F: 










1 3Q7 
loci / 






fi/7/1 /701 3 
D/ Z4/ ZUlD 


Rogue AV






1 7C; A 1 7Q 1 7Q 

i/D.M-i.zy.i/y 


17C /II DO 1 7Q Unnn l/nnn 

1 /D.'ii.zy .1 /y nong i\ong 






1 3QQ 






C/77 /7m 3 
D/ ZZ/ ZUlD 


Trojan Downloader Genome.deag






b. green pi pesky.com 








1 3QQ 
IDoo 






fi/77 /701 3 
D/ ZZ/ ZUlD 


Browser Exploit 






creditboards.com 








1 3Q1 






C/7 1 /7m 3 
D/ Zl/ ZUlD 


Browser Exploit, Zero Access trojan 






1371QQ3Q17 hnntn nm 

13 1 iooddi / .nopio.org 




ht5.longislandcitynyc.com 




1395 






6/21/2013 


Darkleech 






eliseleonardmd.com 




gd20lance.myvfs.ca 


173.231.1.140 UK 


1394 






D/ Z J./ ZUlD 


Darkleech






forum.metroamp.com 




yourleatherdoublebed.com 


QZL 7fi 7^^; 1 /1R I IK 


1 3Q7 

iDyz 






fi/7 1 /701 3 
D/ Zl/ ZUlD 


Darkleech 






momandel.com 




bestproteinpowder777.co.uk 


Q/1 7C 7^C: 1 /l Q 111/ 
y^. /O.ZDD. IM-o Ul\ 


1393 






6/21/2013 


Neutrino Exploit Kit 






36c8e24ac8f48fb8el9d75ea.for- 
ou r. i nfo 








1 /inn 






e/7n/7m 3 

D/ ZU/ ZUlD 


LooksLike.Java.Malware.d 




r. 










1397 






6/20/2013 


Trojan Generic 






event.visualbee.net 


174.129.7.152 US/WA 


cdn.visualbee.net 


54.230.68.103 US/WA 


1 3QC 

iDyo 






c/7n/7m 3 

D/ ZU/ ZUlD 


Darkleech 







rowingillustrated.com 




lswitthost.speediahost.com 


D.y.Dy.D/ oermany 


1386 






6/20/2013 


Trojan Kuluoz.B 






sudarshanstationery.com 




50.57.135.183 


50.57.135.183 US/TX 


1398 






6/19/2013 


Trojan Email Generic 




AOL 


trk.rrcpm.com 




pointlinenetwork.com 




1375 






6/19/2013 


Trojan Downloader Banload 






admperson.com.br 


187.45.193.17 Brazil 


mamaocomcacucarl2.hol.es 


31.170.166.198 


1371 






6/18/2013 


Darkleech 






sga.net 




nearlyhealthy.com 


173.231.1.96 US/CA sub to UK


1 3G7 






c/17 /7A1 3 
D/ 1 // ZUlD 


Zero Access Trojan 














1 37/1 






D/ 1 // ZUlD 


Darkleech 






bigbox.com 




Dy.io/.i3y.6j 


69.167.139.83 US/MI sub to Mass Enthusiasm US/AR


1368 






6/17/2013 


Redirect to DGA 






physicsteacher.org 




3b5b94421f2ce04dc9b4d2al.dvr 
d ns.org 


85.214.64.153 Germany 


ID 1 3 






c/17 /7A1 3 
D/ 1 // ZU1D 


Trojan Kazy 




Yahoo 


blog.staxx.nl 


lyD.Do.iD'i.^-M- i\einenanus 






1369 






6/17/2013 


Darkleech 






gorgeouslygreen.com 




lwirehosting.speediahost.com 


5.9.59.67 Germany 


1 377 
13 / Z 






C/17 /7m 3 
D/ 1 // ZU1D 


Browser Exploit 






mlno6.com 


17/1 1/13 1 Qfi 711 IK /TV 
1 /^.l^D.lou.Zll UD/ IA 


srpskevesti.com 


31 1 7n IOC AC ^orm^riM 

Di.i /u. lUD.M-o uermany 


1 37n 

13 /U 






C/1 c/7m 3 

D/ ID/ ZU1D 


Darkleech 






beachfiber.com 




stirlingriskasia.com 


7/1 1 fi/l 1 7n I IC /TV 
/^.CSD.IDM-. 1ZU UD/ IA 


1 3C7 






C/1 /l /701 3 
D/ 14/ ZU1D 


Redirect 




Comcast 


fjitc.com 


1 Qn 177 1 Thinra 

icsu.csd.iz / .iDD L.nma 






1 3d 






C/1 /l /701 3 
D/ 14/ ZU1D 


Browser Exploit 






ads.ball-python.net 


C7 77Q 1 7 C7 I K/TV 
0/ .ZZb.l / .DZ UD/ IA 


zogratos.gr 


Q3 1 7/1 17C: 117 CroorQ 

yD.i izD.iiz ureece 


1 3GC 






C/IO /7A1 3 
D/ 15/ ZU1D 


Trojan.Js.Redirector.ma 




r. 










1364 






6/13/2013 


Trojan.Win32.Generic!BT




C: 










1363 






3/?m 3 

D/ 13/ ZU1D 


Darkleech






anastasia.net 




arklatexhonda.info 


fiQ 1 fi7 1 3Q P.1 I K/MI 
Dy. ID / . IDy.0 1 UD/IVII 


1 3cc; 






D/ ID/ ZU1D 


Trojan.Win32.Generic!BT




r. 










1359 






6/12/2013 


Trojan Kuluoz 






patram.info 


202.52.146.35 Indonesia 


163.10.12.83 


163.10.12.83 Argentina 


1 3cn 

13DU 






C/17 /7m 3 
D/ 1Z/ ZU1D 


Darkleech 






schlumpt.ch 




CO. QQ 1 3 7/1Q 

oy.esy. id. z^y 


CO SQ 13 7/1Q 1 IC/ftA 

Dy.oy. id. z^y uj/um 


1 3c;/i 






D/ 11/ ZU1D 


Trojan Kuluoz 






naivedhyam.com 


77 EM /|D 17D I IC/r-A 






1 3^1 






c/1 n/7m 3 

Of 1U/ ZU1D 


Darkleech 






zcrewfit.com 


31 1 Q 


7nc 7171 qc; 1 Q 

ZUD.Zl/.iyD.lD 


7nC 717 1QQ 1C ||C /I IT 
ZUD.Z1 / .iyD. ID UD/UI 


1 3c;q 






c/1 n/7m 3 

D/ 1U/ ZU1D 


Darkleech 






westcoastwt.com 




7nc 7171 qc; 1 Q 
195.5.208.204 France


forum-voip.net 


195.5.208.204 France 


1014 